From: Hiroki Sato
Date: Mon, 08 Dec 2008 03:32:50 +0900 (JST)
To: ports@FreeBSD.org
Subject: RFC: $USE_[GU]ID for consistent [GU]ID handling
Message-Id: <20081208.033250.137441016.hrs@allbsd.org>

Hello,

I would like your comments about the attached patch. This is for adding USE_UID and USE_GID, which allow uid/gid addition on installation and removal on deinstallation. It uses ${PORTSDIR}/[GU]IDs for the detailed information and can eliminate complex shell scripts from individual ports.

For example, if you define

 USE_UID= foo

in the Makefile, the uid "foo" is added before pre-su-install, and removed on deinstallation by using pw(8). If the uid already exists, no error occurs. Multiple uids are also allowed.

The attached patch includes an example of a rewrite of an existing port (japanese/sj3-server).
After investigating ~300 ports in the ports tree which add uid/gid, I think the attached implementation can cover most of the use cases, but there may be something I missed. Comments are welcome.

--
| Hiroki SATO

Index: Mk/bsd.port.mk =================================================================== RCS file: /home/ncvs/ports/Mk/bsd.port.mk,v retrieving revision 1.604 diff -d -u -I\$FreeBSD:.*\$ -I\$NetBSD:.*\$ -I\$OpenBSD:.*\$ -I\$DragonFly:.*\$ -I\$Id:.*\$ -I\$Translation:.*\$ -I\$hrs:.*\$ -r1.604 bsd.port.mk --- Mk/bsd.port.mk 5 Sep 2008 19:41:43 -0000 1.604 +++ Mk/bsd.port.mk 23 Nov 2008 18:48:13 -0000 @@ -524,6 +524,16 @@ # RC_SUBR_SUFFIX # - Contains the suffix of installed rc.subr scripts. ## +# +# USE_UID - List UIDs to be used by the port/package. The UID must be +# a symbolic name defined in ${PORTSDIR}/UIDs, and +# added on installation and removed on uninstallation. +# +# USE_GID - List GIDs to be used by the port/package. The GID must be +# a symbolic name defined in ${PORTSDIR}/GIDs, and +# added on installation and removed on uninstallation. +# +## # USE_APACHE - If set, this port relies on an apache webserver. # # USE_CDRTOOLS - If set, this port depends on sysutils/cdrtools, unless 
@@ -2109,6 +2119,50 @@ .endif .endif +.if defined(USE_UID) +UIDFILE?= ${PORTSDIR}/UIDs +.for U in ${USE_UID} +_PASSWDREGEX+= ^${U}:\\\| +.endfor +_PASSWDLINES= set -- ${_PASSWDREGEX}; IFS=''; ${GREP} "$${*%\|}" ${UIDFILE} +add-uid: + @${_PASSWDLINES} > /dev/null 2>&1 || ( ${ECHO_MSG} '===> $$USE_UID consistency error.' && ${FALSE} ) + @( ${_PASSWDLINES} ) | while read L; do \ + IFS=":"; set -f; set -- $${L}; \ + ${ECHO_MSG} "===> Adding user account: \"$${1}($${3})\""; \ + if ! ${PW} usershow $${1} > /dev/null 2>&1; then \ + ${PW} useradd -n "$${1}" -u "$${3}" -g "$${4}" -c "$${8}" -d "$${9}" -s "$${10}"; \ + fi; \ + ${ECHO_CMD} "@exec if ! ${PW} usershow $${1} > /dev/null 2>&1; then ${PW} useradd -n \"$${1}\" -u \"$${3}\" -g \"$${4}\" -c \"$${8}\" -d \"$${9}\" -s \"$${10}\"; fi" >> ${TMPPLIST}; \ + ${ECHO_CMD} "@unexec if ${PW} usershow $${1} > /dev/null 2>&1; then ${PW} userdel -n \"$${1}\" -u \"$${3}\"; fi" >> ${TMPPLIST}; \ + done +.else +add-uid: + @${DO_NADA} +.endif + +.if defined(USE_GID) +GIDFILE?= ${PORTSDIR}/GIDs +.for G in ${USE_GID} +_GROUPREGEX+= ^${G}:\\\| +.endfor +_GROUPLINES= set -- ${_GROUPREGEX}; IFS=''; ${GREP} "$${*%\|}" ${GIDFILE} +add-gid: + @${_GROUPLINES} > /dev/null 2>&1 || ( ${ECHO_MSG} '===> $$USE_GID consistency error.' && ${FALSE} ) + @( ${_GROUPLINES} || false ) | while read L; do \ + IFS=":"; set -f; set -- $${L}; \ + ${ECHO_MSG} "===> Adding group account: \"$${1}($${3})\""; \ + if ! ${PW} groupshow $${1} > /dev/null 2>&1; then \ + ${PW} groupadd -n "$${1}" -g "$${3}"; \ + fi; \ + ${ECHO_CMD} "@exec if ! ${PW} groupshow \"$${1}\" > /dev/null 2>&1; then ${PW} groupadd -n \"$${1}\" -g \"$${3}\"; fi" >> ${TMPPLIST}; \ + ${ECHO_CMD} "@unexec if ${PW} groupshow \"$${1}\" > /dev/null 2>&1; then ${PW} groupdel -n \"$${1}\" -g \"$${3}\"; fi" >> ${TMPPLIST}; \ + done +.else +add-gid: + @${DO_NADA} +.endif + # Macro for doing in-place file editing using regexps REINPLACE_ARGS?= -i.bak REINPLACE_CMD?= ${SED} ${REINPLACE_ARGS} 
@@ -4136,7 +4190,7 @@ _INSTALL_SEQ= install-message check-conflicts \ run-depends lib-depends apply-slist pre-install \ pre-install-script generate-plist check-already-installed -_INSTALL_SUSEQ= check-umask install-mtree pre-su-install \ +_INSTALL_SUSEQ= check-umask install-mtree add-gid add-uid pre-su-install \ pre-su-install-script do-install install-desktop-entries \ post-install post-install-script add-plist-info \ add-plist-docs add-plist-examples add-plist-data \ Index: japanese/sj3-server/Makefile =================================================================== RCS file: /home/ncvs/ports/japanese/sj3-server/Makefile,v retrieving revision 1.31 diff -d -u -I\$FreeBSD:.*\$ -I\$NetBSD:.*\$ -I\$OpenBSD:.*\$ -I\$DragonFly:.*\$ -I\$Id:.*\$ -I\$Translation:.*\$ -I\$hrs:.*\$ -r1.31 Makefile --- japanese/sj3-server/Makefile 26 Oct 2008 23:12:53 -0000 1.31 +++ japanese/sj3-server/Makefile 23 Nov 2008 18:36:44 -0000 @@ -7,7 +7,7 @@ PORTNAME= sj3 PORTVERSION= 2.0.1.20 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= japanese MASTER_SITES= LOCAL/nork PKGNAMESUFFIX= -server @@ -23,6 +23,8 @@ USE_RC_SUBR= sj3.sh USE_IMAKE= yes +USE_UID= _sj3 +USE_GID= _sj3 SUB_FILES= sj3_freebsd.tmpl SUB_LIST= DESTDIR=${DESTDIR} @@ -52,7 +54,4 @@ pre-configure: apply-slist ${INSTALL_DATA} ${WRKDIR}/sj3_freebsd.tmpl ${WRKSRC}/sj3_freebsd.tmpl -pre-su-install: - @${SETENV} ${SCRIPTS_ENV} PKG_PREFIX="${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL - .include Index: japanese/sj3-server/pkg-install =================================================================== RCS file: japanese/sj3-server/pkg-install diff -N japanese/sj3-server/pkg-install --- japanese/sj3-server/pkg-install 26 Oct 2008 19:35:08 -0000 1.6 +++ /dev/null 1 Jan 1970 00:00:00 -0000 
@@ -1,37 +0,0 @@ -#!/bin/sh -# $FreeBSD: ports/japanese/sj3-server/pkg-install,v 1.6 2008/10/26 19:35:08 hrs Exp $ - -PATH=/bin:/usr/sbin - -case $2 in - PRE-INSTALL) - USER=_sj3 - GROUP=${USER} - UID=912 - GID=${UID} - - if pw group show "${GROUP}" 2>/dev/null; then - echo "You already have a group \"${GROUP}\", so I will use it." - else - if pw groupadd ${GROUP} -g ${GID}; then - echo "Added group \"${GROUP}\"." - else - echo "Adding group \"${GROUP}\" failed..." - exit 1 - fi - fi - - if pw user show "${USER}" 2>/dev/null; then - echo "You already have a user \"${USER}\", so I will use it." - else - if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \ - -d /nonexistent -s /usr/sbin/nologin -c "SJ3 Daemon" - then - echo "Added user \"${USER}\"." - else - echo "Adding user \"${USER}\" failed..." - exit 1 - fi - fi - ;; -esac
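
Review bot: in the Mk/bsd.port.mk hunk at @@ -524, the USE_UID and USE_GID comments require a symbolic name "defined in ${PORTSDIR}/UIDs" (or GIDs) but do not say what an entry looks like, and neither file is added by this patch, so the sj3-server example cannot pass the consistency check as posted. Suggest documenting the expected colon-separated layout in this comment block (add-uid reads fields 1, 3, 4, 8, 9 and 10 of each line; add-gid reads fields 1 and 3) and including the UIDs and GIDs files, with the _sj3 entry, in the same change.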
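
Review bot: in the add-uid and add-gid targets (Mk/bsd.port.mk, @@ -2109), the @unexec lines delete the account whenever it exists at deinstall time, although the install side deliberately skips creation when the account is already present. An account that predates the port, or one shared by two ports naming the same USE_UID, is removed by the first deinstall, and any files it owned are left under a bare numeric id. Suggest recording whether this install actually created the account and deleting only in that case, or leaving accounts in place on deinstall. In the same targets, the consistency check passes as soon as any one name matches, because grep exits 0 if any line matches: with "USE_UID= foo bar" and only foo present in the UIDs file, bar is skipped silently. Checking each name separately inside the .for loop would catch that.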
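
Review bot: in the _INSTALL_SUSEQ change (Mk/bsd.port.mk, @@ -4136), add-gid and add-uid run after generate-plist from _INSTALL_SEQ, and both targets append their @exec lines to ${TMPPLIST} with ">>". The account-creation entries therefore land after the file entries already in the packing list, so for a package built from the port the user and group would be created after the files are processed, whereas the removed pkg-install ran at PRE-INSTALL. Suggest emitting the @exec lines at the head of the packing list, or documenting that ports must not rely on the account existing while files are extracted.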
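
Review bot: the removed japanese/sj3-server/pkg-install stopped the install with "exit 1" when pw groupadd or pw useradd failed, but the add-uid and add-gid loops that replace it ignore the exit status of ${PW} useradd and ${PW} groupadd and go on to write the @exec and @unexec lines, so a failed account creation no longer aborts the install. Suggest "|| exit 1" after each pw call inside the while loops so the failure reaches make. The values hard-coded in the removed script (uid and gid 912, home /nonexistent, shell /usr/sbin/nologin, comment "SJ3 Daemon") also need to appear in the _sj3 entries of the UIDs and GIDs files for the rewrite to preserve behaviour.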